<?php
# [Online messages / forms] admin module
$sysnav = "form";

# [Permission check]
// Access is allowed when the admin session is of type "system" or the
// "book_feedback" permission flag is set; everything else is sent to Error().
// NOTE(review): this only protects the actions in this file if Error() ends the
// request - Error() is defined elsewhere, confirm that it does not return.
if(!($_SESSION["admin"]["typer"] == "system" || $QG_AP["book_feedback"]))
{
	Error("对不起，您没有权限操作当前功能",$mainlink."?file=index");
}

// Default return URL for this module.
$r_url = $mainlink."?file=form";

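// Action dispatcher for the form admin module: $sysAct selects one branch, the
// final else renders the message list.
//
// Hardening applied in this block:
//  - every request-derived numeric id ($id, $formid, $cateid, the id lists) is
//    cast with intval() before it is concatenated into SQL, as the view/delete
//    branches already did for $id;
//  - $updata / $formlist are initialised before use so nothing already present in
//    the global scope can ride along into an INSERT/UPDATE or the rendered list.
//
// NOTE(review): $STR->safe() is defined elsewhere. Whether its output is safe
// inside a quoted SQL string cannot be confirmed from this file; the string values
// that are still concatenated ($msg["sign"], $keywords, signs read back from the
// database) should move to the database layer's own escaping or bound parameters.
// NOTE(review): no anti-CSRF token check is visible here for the state-changing
// actions (cateviewok, catedelete, fielddelete, fieldviewok, fieldorderok, delete,
// plset, viewok) - confirm the including script performs one.
if($sysAct == "cate")
{
	// List all form categories; on first use seed the two built-in forms.
	$sql = "SELECT * FROM ".$prefix."form_cate WHERE 1 ORDER BY id ASC";
	$formlist = $DB->qgGetAll($sql);
	if(!$formlist)
	{
		$updata = array("form_name"=>"在线留言","sign"=>"book");
		$DB->insert("form_cate",$updata);
		$updata = array("form_name"=>"订单询盘","sign"=>"cart");
		$DB->insert("form_cate",$updata);
		unset($updata);
		Error("自动生成系统表单",$mainlink."?file=form&act=cate");
	}
	# [Field count per form]
	if(is_array($formlist))
	{
		foreach($formlist AS $key=>$value)
		{
			$msg_count = $DB->qg_count("SELECT count(*) FROM ".$prefix."form_field WHERE formid='".intval($value["id"])."'");
			// The original adds 4 to the custom-field count - presumably the built-in fields; confirm.
			$value["field_num"] = $msg_count+4;
			$formlist[$key] = $value;
		}
	}
}
elseif($sysAct == "cateview")
{
	// Load one category for the edit form.
	$id = intval($id);
	$rs = $DB->qgGetOne("SELECT * FROM ".$prefix."form_cate WHERE id='".$id."'");
}
elseif($sysAct == "cateviewok")
{
	// Save a category: update when $id is given, insert otherwise.
	$id = intval($id);
	$updata = array();
	$updata["sign"] = $STR->safe($sign);
	$updata["form_name"] = $STR->safe($form_name);
	if($id)
	{
		$rs = $DB->qgGetOne("SELECT * FROM ".$prefix."form_cate WHERE id='".$id."'");
		// The built-in forms ("book", "cart") are read-only.
		if(in_array($rs["sign"],array("book","cart")))
		{
			Error("系统表单不允许修改！",$mainlink."?file=form&act=cate");
		}
		$DB->update("form_cate",$updata,array("id"=>$id));
		unset($updata);
		Error("表单修改成功",$mainlink."?file=form&act=cate");
	}
	else
	{
		// Look up the same sanitised value that is about to be stored, and reject
		// ANY existing row. The original compared the found row's sign against
		// "book"/"cart" only, so a duplicate of a custom sign was accepted.
		$rs = $DB->qgGetOne("SELECT * FROM ".$prefix."form_cate WHERE sign='".$updata["sign"]."'");
		if($rs)
		{
			Error("表单标示已经存在，不允许重复！",$mainlink."?file=form&act=cate");
		}
		$DB->insert("form_cate",$updata);
		Error("表单添加成功",$mainlink."?file=form&act=cate");
	}
}
elseif($sysAct == "catedelete")
{
	// Delete a category unless it is one of the built-in forms.
	$id = intval($id);
	$rs = $DB->qgGetOne("SELECT * FROM ".$prefix."form_cate WHERE id='".$id."'");
	if(in_array($rs["sign"],array("book","cart")))
	{
		Error("系统表单不允许删除！",$mainlink."?file=form&act=cate");
	}
	$DB->qgQuery("DELETE FROM ".$prefix."form_cate WHERE id='".$id."'");
	Error("删除表单完成！",$mainlink."?file=form&act=cate");
}
elseif($sysAct == "fieldlist")
{
	// Load a form and its custom fields in display order.
	$formid = intval($formid);
	$rs = $DB->qgGetOne("SELECT * FROM ".$prefix."form_cate WHERE id='".$formid."'");
	$fieldlist = $DB->qgGetAll("SELECT * FROM ".$prefix."form_field WHERE formid='".$formid."' ORDER BY sortid ASC,id ASC");
}
elseif($sysAct == "fielddelete")
{
	// Delete one custom field; $formid is required and used for the redirect.
	$formid = intval($formid);
	$id = intval($id);
	if(!$formid)
	{
		Error("操作非法！",$mainlink."?file=form&act=cate");
	}
	$DB->qgQuery("DELETE FROM ".$prefix."form_field WHERE id='".$id."'");
	Error("删除字段完成！",$mainlink."?file=form&act=fieldlist&formid=".$formid);
}
elseif($sysAct == "fieldview")
{
	// Load one custom field for the edit form.
	$id = intval($id);
	$rs = $DB->qgGetOne("SELECT * FROM ".$prefix."form_field WHERE id='".$id."'");
}
elseif($sysAct == "fieldviewok")
{
	// Save a custom field: update when $id is given, insert otherwise.
	$formid = intval($formid);
	$id = intval($id);
	if(!$formid)
	{
		Error("操作非法！",$mainlink."?file=form&act=cate");
	}
	$msg = $STR->safe($_POST);
	// Reserved system identifiers may not be used as a field sign.
	$fsign = array("id","form_sign","ip","username","tel","email","content","field_content","msglist","postdate","ifcheck");
	if(in_array($msg["sign"],$fsign))
	{
		$relink = $mainlink."?file=form&act=fieldview&formid=".$formid;
		if($id)
		{
			$relink .= "&id=".$id;
		}
		Error("不允许使用系统标识",$relink);
	}
	$updata = array();
	// Edit
	if($id)
	{
		# [Check whether the sign is already used by another field of this form]
		$sql = "SELECT sign FROM ".$prefix."form_field WHERE formid='".$formid."' AND sign='".$msg["sign"]."' AND id!='".$id."'";
		$chksign = $DB->qgGetOne($sql);
		if($chksign)
		{
			Error("组标识已经被使用",$mainlink."?file=form&act=fieldlist&formid=".$formid);
		}
		$updata["ifcheck"] = intval($msg["ifcheck"]);
		$updata["sign"] = $msg["sign"];
		$updata["field_name"] = $msg["field_name"];
		$updata["field_name_en"] = $msg["field_name_en"];
		$updata["field_name_ft"] = $msg["field_name_ft"];
		$DB->update("form_field",$updata,array("id"=>$id));
		unset($updata);
		Error("字段编辑成功！",$mainlink."?file=form&act=fieldlist&formid=".$formid);
	}
	// Add
	else
	{
		# [Check whether the sign is already used by a field of this form]
		$sql = "SELECT sign FROM ".$prefix."form_field WHERE formid='".$formid."' AND sign='".$msg["sign"]."'";
		$chksign = $DB->qgGetOne($sql);
		if($chksign)
		{
			Error("组标识已经被使用",$mainlink."?file=form&act=fieldlist&formid=".$formid);
		}
		$updata["formid"] = $formid;
		$updata["sign"] = $msg["sign"];
		$updata["field_name"] = $msg["field_name"];
		$updata["field_name_en"] = $msg["field_name_en"];
		$updata["field_name_ft"] = $msg["field_name_ft"];
		$DB->insert("form_field",$updata);
		unset($updata);
		Error("字段添加成功！",$mainlink."?file=form&act=fieldlist&formid=".$formid);
	}
}
elseif($sysAct == "fieldorder")
{
	// Load the fields of a form and number them (1-based) for the ordering screen.
	$formid = intval($formid);
	$msglist = $DB->qgGetAll("SELECT * FROM ".$prefix."form_field WHERE formid='".$formid."' ORDER BY sortid ASC,id ASC");
	$i = 1;
	if(is_array($msglist))
	{
		foreach($msglist AS $key=>$value)
		{
			$value["row_index"] = $i;
			$msglist[$key] = $value;
			$i++;
		}
	}
}
elseif($sysAct == "fieldorderok")
{
	// Persist the new order: $listlayer is a "="-separated id list with one
	// trailing character, which is dropped before splitting.
	$formid = intval($formid);
	$i=0;
	$listlayer = is_string($listlayer) ? $listlayer : "";
	$listlayer = substr($listlayer,0,(strlen($listlayer)-1));

	foreach(explode("=",$listlayer) as $updownlist)
	{
		// Each piece goes into the WHERE clause, so only positive integers pass.
		$updownlist = intval($updownlist);
		if($updownlist <= 0)
		{
			continue;
		}
		$i=$i+1;
		$sql="UPDATE ".$prefix."form_field SET sortid='".$i."' WHERE id='".$updownlist."'";
		$DB->qgQuery($sql);
	}
	Error("字段排序成功...",$mainlink."?file=form&act=fieldlist&formid=".$formid);
}
// NOTE(review): this branch tests $sysact while the rest of the chain tests
// $sysAct. PHP variable names are case-sensitive; left unchanged because both
// may be set by the including script - confirm.
elseif($sysact == "delete")
{
	// Delete one message and return to the list page remembered in the session.
	$r_url = $_SESSION["return_url"] ? $_SESSION["return_url"] : $r_url."&act=list";
	$id = intval($id);
	if(!$id)
	{
		Error("操作非法",$r_url);
	}
	$sql = "DELETE FROM ".$prefix."form WHERE id='".$id."'";
	$rs = $DB->qgQuery($sql);
	Error("留言主题ID：".$id." 已成功删除",$r_url);
}
elseif($sysAct == "plset")
{
	// Batch action on a comma-separated id list.
	# [Get the ID list]
	// The list is placed unquoted inside "id in(...)", where string sanitising
	// cannot help, so it is rebuilt from integer-cast, non-zero pieces only.
	$myidlist = implode(",",array_filter(array_map("intval",explode(",",is_string($idlist) ? $idlist : ""))));
	if(!$myidlist)
	{
		Error("信息操作不正确",$mainlink."?file=form&act=list");
	}
	$qgtype = $STR->safe($qgtype);
	if($qgtype == "delete")
	{
		# [Delete the messages]
		$DB->qgQuery("DELETE FROM ".$prefix."form WHERE id in(".$myidlist.")");
		Error("批量删除主题完成！",$mainlink."?file=form&act=list");
	}
	elseif($qgtype == "dcheck")
	{
		$DB->qgQuery("UPDATE ".$prefix."form SET ifcheck=0 WHERE id in(".$myidlist.")");
		Error("批量 <span style='color:red;'>取消审核</span> 操作完成！",$mainlink."?file=form&act=list");
	}
	else
	{
		$DB->qgQuery("UPDATE ".$prefix."form SET ifcheck=1 WHERE id in(".$myidlist.")");
		Error("批量 <span style='color:red;'>审核</span> 操作完成！",$mainlink."?file=form&act=list");
	}
}
elseif($sysAct == "view")
{
	// Show one message; the JSON columns are decoded for the template.
	$leftnav = "form";
	$id = intval($id);
	if(!$id)
	{
		Error("操作非法！",$mainlink."?file=form&act=list");
	}
	$rs = $DB->qgGetOne("SELECT * FROM ".$prefix."form WHERE id='".$id."'");
	if($rs["field_content"])
	{
		$fieldlist = std_array(json_decode($rs["field_content"]));
		$fieldlist = form_field($rs["form_sign"],$fieldlist);
	}
	if($rs["msglist"])
	{
		$rslist = std_array(json_decode($rs["msglist"]));
		$msglist = cart_msg($rslist);
	}
}
elseif($sysAct == "viewok")
{
	// Save edits to one message.
	$id = intval($id);
	if(!$id)
	{
		Error("操作非法！",$mainlink."?file=form&act=list");
	}
	$msg = $STR->safe($_POST);
	// The original copied every POST key into the UPDATE. POST keys become column
	// names, so only plain identifiers are kept and the primary key is never
	// written.
	// NOTE(review): a fixed allow-list of the columns the edit form really posts
	// would be stricter; the template is not visible from this file.
	$updata = array();
	if(is_array($msg))
	{
		foreach($msg AS $key=>$value)
		{
			$key = (string)$key;
			if(strtolower($key) == "id" || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/',$key))
			{
				continue;
			}
			$updata[$key] = $value;
		}
	}
	$updata["ifcheck"] = intval($updata["ifcheck"]);
	$DB->update("form",$updata,array("id"=>$id));
	unset($updata);
	$relink = $mainlink."?file=form&act=list";
	$cateid = intval($cateid);
	if($cateid)
	{
		$relink .= "&cateid=".$cateid;
	}
	Error("留言内容编辑成功！",$relink);
}
else
{
	// Default action: paginated message list with optional filters.
	$leftnav = "form";
	// The original spliced $condition into this query before assigning it; in the
	// normal (unset) case that is an empty string, so it is dropped here. If
	// request variables are imported into the global scope, that was a raw SQL
	// injection point.
	$catelist = $DB->qgGetAll("SELECT * FROM ".$prefix."form_cate ORDER BY id ASC");

	# [Message list]
	$psize = 30;
	$pageid = intval($pageid);
	$offset = $pageid>0 ? ($pageid-1)*$psize : 0;
	$page_url = $mainlink."?file=form&act=list";
	$keywords = $STR->safe($keywords);
	$condition = "WHERE 1";
	if($keywords)
	{
		$page_url .= "&stype=".rawurlencode($stype);
		$page_url .= "&keywords=".rawurlencode($keywords);
		// NOTE(review): LIKE wildcards (% and _) in $keywords are not escaped.
		if($stype == "username")
		{
			$condition .= " AND username LIKE '%".$keywords."%'";
		}
		elseif($stype == "email")
		{
			$condition .= " AND email LIKE '%".$keywords."%'";
		}
	}
	$ifcheck = intval($ifcheck);
	if($ifcheck)
	{
		$page_url .= "&ifcheck=".$ifcheck;
		if($ifcheck == 1)
		{
			$condition .= " AND ifcheck>0";
		}
		else
		{
			$condition .= " AND ifcheck=0";
		}
	}
	$cateid = intval($cateid);
	if($cateid)
	{
		$form = $DB->qgGetOne("SELECT sign FROM ".$prefix."form_cate WHERE id='".$cateid."'");
		// NOTE(review): the sign comes from the database and is concatenated as-is.
		$condition .= " AND form_sign='".$form["sign"]."'";
	}
	$typelist[0]["typename"] = "未分类留言";
	# [Count the messages]
	$bcount = $DB->qgCount("SELECT id FROM ".$prefix."form ".$condition);
	$rslist = $DB->qgGetAll("SELECT * FROM ".$prefix."form ".$condition." ORDER BY postdate DESC,id DESC LIMIT ".$offset.",".$psize);
	$booklist = array();
	// The loop appends to $formlist, which the original never initialised here.
	$formlist = array();
	if(is_array($rslist))
	{
		foreach($rslist AS $key=>$value)
		{
			// Attach the owning form's id and name, and format the timestamp.
			// NOTE(review): form_sign is read from the database and concatenated as-is.
			$rs = $DB->qgGetOne("SELECT * FROM ".$prefix."form_cate WHERE sign='".$value["form_sign"]."'");
			$value["cateid"] = $rs["id"];
			$value["form_name"] = $rs["form_name"];
			$value["postdate"] = date("Y-m-d H:i:s",$value["postdate"]);
			$formlist[] = $value;
		}
	}
	# [Get the pagination info]
	$pagelist = page($page_url,$bcount,$psize,$pageid);
	// Remembered so the delete action can return to this page.
	$_SESSION["return_url"] = $page_url."&pageid=".$pageid;
}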
// Choose the template for the action that was just handled.
// NOTE(review): this reads $sysact, while the action dispatcher above mostly
// tests $sysAct; PHP variable names are case-sensitive, so confirm both are set
// by the including script.
switch($sysact)
{
	// Category and field screens share one template.
	case "cate":
	case "cateview":
	case "fieldlist":
	case "fieldview":
		Foot("form.cate.qg");
		break;
	// Field ordering has its own template.
	case "fieldorder":
		Foot("form.fieldorder.qg");
		break;
	// Everything else uses the message list/detail template.
	default:
		Foot("form.qg");
		break;
}
?>